.env.prod.example at 5557a4b5f7903a42e053228dafe6c987d35f2908 · bretton.dev/coves

bretton.dev / coves
A community based topic aggregation platform built on atproto
coves / .env.prod.example
at 5557a4b5f7903a42e053228dafe6c987d35f2908 2.5 kB view raw
 1# Coves Production Environment Variables
 2# Copy to .env.prod and fill in real values
 3# NEVER commit .env.prod to git!
 4
 5# =============================================================================
 6# PostgreSQL (AppView Database)
 7# =============================================================================
 8POSTGRES_DB=coves_prod
 9POSTGRES_USER=coves_user
10POSTGRES_PASSWORD=CHANGE_ME_SECURE_PASSWORD_HERE
11
12# =============================================================================
13# PDS (Personal Data Server)
14# =============================================================================
15# Generate with: openssl rand -hex 32
16PDS_JWT_SECRET=CHANGE_ME_64_HEX_CHARS
17
18# Admin password for PDS management
19PDS_ADMIN_PASSWORD=CHANGE_ME_SECURE_ADMIN_PASSWORD
20
21# K256 private key for DID rotation
22# Generate with: openssl rand -hex 32
23PDS_ROTATION_KEY=CHANGE_ME_64_HEX_CHARS
24
25# Optional: Email configuration for account recovery
26# PDS_EMAIL_SMTP_URL=smtp://user:pass@smtp.example.com:587
27# PDS_EMAIL_FROM_ADDRESS=noreply@coves.me
28
29# =============================================================================
30# AppView OAuth (for mobile app authentication)
31# =============================================================================
32OAUTH_CLIENT_ID=https://coves.social/client-metadata.json
33OAUTH_REDIRECT_URI=https://coves.social/oauth/callback
34
35# Generate EC P-256 private key in JWK format
36# See: https://atproto.com/specs/oauth#client-metadata
37OAUTH_PRIVATE_JWK={"kty":"EC","crv":"P-256","x":"...","y":"...","d":"..."}
38
39# =============================================================================
40# AppView Encryption
41# =============================================================================
42# For encrypting community credentials in database
43# Generate with: openssl rand -base64 32
44ENCRYPTION_KEY=CHANGE_ME_BASE64_ENCODED_KEY
45
46# =============================================================================
47# Cloudflare (for wildcard SSL certificates)
48# =============================================================================
49# Required for *.coves.social wildcard certificate
50# Create at: Cloudflare Dashboard → My Profile → API Tokens → Create Token
51# Template: "Edit zone DNS" with permissions for coves.social zone
52CLOUDFLARE_API_TOKEN=CHANGE_ME_CLOUDFLARE_TOKEN
53
54# =============================================================================
55# Optional: Versioning
56# =============================================================================
57VERSION=latest